Lawrence Abrams reports: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. Yesterday, the hacking group began selling data allegedly stolen from Novartis on their Tor…
Category: Health Data
Health P.E.I. alerts public of privacy breach after laptop stolen
Shane Ross reports: More than 4,000 patients and 1,200 Health P.E.I. employees are being notified of a privacy breach after an employee’s laptop was stolen in April. In a news release issued Wednesday, Health P.E.I. said the stolen laptop was password protected and information technology staff took steps to secure the information as soon as…
FBI thwarts cyberthreat against Boston Children’s Hospital by hackers sponsored by Iranian government
WCVB reports: Hackers sponsored by the Iranian government tried to get into the computer systems of Boston Children’s Hospital last year; however, they were stopped with the help of the Boston Division of the FBI, officials announced Wednesday. […] In the summer of 2021, the FBI said officials received a report from another intelligence agency…
Costa Rica’s public health agency hit by Hive ransomware
Sergiu Gatlan reports: All computer systems on the network of Costa Rica’s public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. Hive, a Ransomware-as-a-Service (RaaS) operation active since at least June 2021, has been behind attacks on over 30 organizations, counting only the victims…
AU: NDIS case management system provider breached
Justin Hendry reports: A security breach of a cloud-based client management system used by National Disability Insurance Scheme (NDIS) service providers has exposed a “large volume” of health and other sensitive data. CTARS, a Sydney-based software and analytics provider for the disability and care sectors, this week revealed an unauthorised third-party had gained access to…
Data breach class actions: Southern District of New York dismisses action against health care providers for lack of standing
James Bogan III of Kilpatrick Townsend & Stockton LLP writes: Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a non-exhaustive three-factor test for determining…